package postpic.server.user;

import java.sql.ResultSet;
import java.sql.SQLException;

import postpic.domain.User;
import postpic.server.db.Query;

public class UserDao {
	
	public UserDao() {
		
	}
	
	public User validateLogin(final String email, final String password) {
		
		String query = 	"SELECT " +
						"	user_id, first_name, last_name, email_address " +
						"FROM user " +
						"WHERE " +
						"	email_address='" + email + "' AND " +
						"	password='" + password + "'";
		
		Query q = new Query(query);
		ResultSet rs = q.execute();
		try {
			if (rs != null && rs.next()) {
				System.out.println("Correct login credentials.");
				User user = new User();
				user.setUserId(rs.getInt("user_id"));
				user.setEmail(rs.getString("email_address"));
				user.setNameFirst(rs.getString("first_name"));
				user.setNameLast(rs.getString("last_name"));
				return user;
			} else {
				System.out.println("Incorrect login credentials");
			}
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return null;
	}
	
	public User registerUser(final String email, final String firstName, final String lastName, final String password) {
		User user = new User();
		
		if(validateLogin(email, password) == null) {
			String sql = 	"INSERT INTO user " +
							"(" +
							"	email_address, first_name, last_name, password " +
							")" +
							"VALUES " +
							"(" +
								"'" + email + "','" + firstName + "','" + lastName + "','" + password + "'" +
							")";
			
			Query q = new Query(sql);
	
			if(q.executeUpdate() == 1)
			{
				String query = 	"SELECT " +
				"	user_id, first_name, last_name, email_address " +
				"FROM user " +
				"WHERE " +
				"	email_address='" + email + "' AND " +
				"	password='" + password + "'";
				
				q.setQuery(query);
				ResultSet rs = q.execute();
				try
				{
					if (rs.next())
					{
						user.setUserId(rs.getInt("user_id"));
						user.setEmail(rs.getString("email_address"));
						user.setNameFirst(rs.getString("first_name"));
						user.setNameLast(rs.getString("last_name"));
						return user;
					}
				}
				catch (SQLException e)
				{
					e.printStackTrace();
				}
			}
			else
				return null;
		}
		
		user.setUserId(000000);
		return user;
		
	}
	
	public User getUser(final Integer userId) {
		
		String sql = 	"SELECT * " +
						"	FROM user " +
						"WHERE " +
						"	user_id='" + userId + "'";
		
		Query q = new Query(sql);
		ResultSet rs = q.execute();
		User user = new User();
		
		try {
			while(rs != null && rs.next())
			{
				
				try {
					user.setUserId(rs.getInt("user_id"));
					user.setEmail(rs.getString("email_address"));
					user.setNameFirst(rs.getString("first_name"));
					user.setNameLast(rs.getString("last_name"));
				} catch (SQLException e) {
					e.printStackTrace();
				}
				return user;
				
			}
		} catch (SQLException e) {
			e.printStackTrace();
		}
		
		return null;
	}
	
	public boolean addFriend(final String searchedUser, final User user) {
		String sql =	"Select " +
						"	user_id AS friend_id " +
						"FROM user " +
						"WHERE " +
						"	email_address='" + searchedUser + "'"; /*+ "' AND " +
						"	friend_id NOT IN (" +
												"SELECT friend_id " +
												"FROM friend_relation FR " +
												"INNER JOIN user US " +
												"	ON FR.friend_id = US.friend_id " +
												"WHERE " +
												"	US.email_address='" + searchedUser + "'" +
											")";*/
		
		Query q = new Query(sql);
		ResultSet rs = q.execute();
		
		try {
			if(rs != null && rs.next())
			{
				sql =	"INSERT INTO friend_relation " +
						"(" +
						"	user_id, friend_id " +
						")" +
						"VALUES " +
						"(" +
						"	'" + user.getUserId() + "','" + rs.getString("friend_id") + "'" +
						")";
				q.setQuery(sql);
				q.executeUpdate();
				return true;
			}
		} catch (SQLException e) {
			e.printStackTrace();
			return false;
		}		
		return false;
	}

}
